getting more exit nodes
Alexander Bernauer
alex-tor at copton.net
Sun Apr 20 11:32:19 UTC 2008
Hi
The CCC local group Rheintal [1] is currently working on a solution to
get much more Tor exit nodes which we think is a major problem of Tor.
The basic idea is to develop a browser plugin which while active turns
the computer into both an Tor client and a Tor exit node. The target
group is a Windows XP or Vista user with almost no technical skills but
fear of pop-ups asking strange things. We are experienced in providing
and promoting security software to them [2] and we beliefe that this
solution will be accepted and widely used.
To get the software done I would like to discuss the technical aspects
here.
The bigest problem we see are those personal firewalls which prevent
running a normal Tor server. Therefore this machine needs to open a
client connection. That's why we call it a client-exit node.
So we need some servers for the client-exit nodes. This nodes we call
pseudo-exit nodes. The reason for this is that Alice selects this node
as exit node for its circuit but the traffic gets routed to the
client-exit node. So the pseudo-exit node doesn't appear in the server
logs.
This means that every Tor node can become a pseudo-exit node without any
additional law enforcement risks. Given that all Tor nodes are
pseudo-exit nodes a client-exit node would select a Tor node at random
and connect to it. As soon as a pseudo-exit node has at least one
connection to a client-exit node it registers itself at the directory
server as a normal exit node. From now on everything goes the normal way
except that the pseudo exit nodes passes the traffic which would
normally go out of the Tor network to the client-exit node.
This is the basic idea. I'm sure there are technical aspects we missed
or assumptions which are wrong. So I would appreciate if you could point
us on them.
We tried hard to find a solution which would not require patching
existing Tor nodes. But we didn't find any. Maybe we do in this
discussion.
[1] http://ulm.ccc.de/Rheintal
[2] http://www.dingens.org
regards
--
Alexander Bernauer
More information about the tor-talk
mailing list